Posts Tagged ‘system’

As Docker containerization is starting to become a standard for installing a brand new servers especially servers who live in Self-Made Clusters based on Orchestration technologites like Kubernetes (k8s) (check out – http://kubernetes.io),

Recently, I've had the task to set-up a Squid Cache (Open Proxy) server on a custom Port number to make it harder for internet open proxy scanners to identify and ship it to a customer.

What is Squid Open Proxy?

An open proxy is a proxy server that is accessible by any Internet user, in other words anyone could access the proxy without any authentication.

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP and other protocols.
It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages.
Squid has extensive access controls and makes a great server accelerator.
It runs on most available operating systems, including Windows and is licensed under the GNU GPL.

What is Docker?

For those who hear about Docker for a first time, Docker is an open-source software platform to create, deploy and manage virtualized application containers on a common OS such as GNU / Linux or Windows, it has a surrounding ecosystem of tools. Besides its open source version there is also a commercial version of the product by Docker Inc. the original company that developed docker and is today in active help of the project.

Docker components – picture source docker.com

What is Kubernetes?

Kubernetes, in short, is an open source system for managing clusters of containers. To do this, it provides tools for deploying applications, scaling those application as needed, managing changes to existing containerized applications, and helps you optimize the use of the underlying hardware beneath your containers.
Kubernetes is designed to be extensible and fault-tolerant by allowing application components to restart and move across systems as needed.

Kubernetes is itself not a Platform as a Service (PaaS) tool, but it serves as more of a basic framework, allowing users to choose the types of application frameworks, languages, monitoring and logging tools, and other tools of their choice. In this way, Kubernetes can be used as the basis for a complete PaaS to run on top of; this is the architecture chosen by the OpenShift Origin open source project in its latest release.

1. Install Docker Containerization Software Community Edition

Docker containers are similar to virtual machines, except they run as normal processes (containers), that does not use a Hypervisor of Type 1 or Type 2 and consume less resources than VMs and are easier to manage, nomatter what the OS environment is.

Docker uses cgroups and namespace to allow independent containers to run within a single Linux instance.

Docker Architecture – Picture source docker.com

Below docker install instructions are for Debian / Ubuntu Linux, the instructions for RPM package distros Fedora / CentOS / RHEL are very similar except yum or dnf tool is to be used.

a) Uninstall older versions of docker , docker-engine if present

apt-get -y remove docker docker-engine docker.io

! Previously running docker stuff such as Volumes, Images and networks will be preserved in /var/lib/docker/

Previously running docker stuff such as Volumes, Images and networks will be preserved in /var/lib/docker/

2. Build Docker image with Ubuntu Linux OS and Squid inside

To build a docker image all you need to do is have the Dockerfile (which is docker definitions build file), an Official image of Ubuntu Linux OS (that is provided / downloaded from dockerhub repo) and a bunch of docker commands to use apt / apt-get to install the Squid Proxy inside the Docker Virtual Machine Container

In dockerfile it is common to define for use an entrypoint.sh which is file with shell script commands definitions, that gets executed immediately after Docker fetches the OS from its remote repository on top of the newly run OS. It is pretty much like you have configured your own Linux distribution like using Linux from Scratch! to run on a bare-metal (hardware) server and part of the installation OS process you have made the Linux to run a number of scripts or commands during install not part of its regular installation process.

a) Go to https://hub.docker.com/ and create an account for free

The docker account is necessery in order to push the built docker image later on.
Creating the account creates just few minutes time.

b) Create a Dockerfile with definitions for Squid Open Proxy setup

I'll not get into details on the syntax that Dockerfile accepts, as this is well documented on Docker Enterprise Platform official website but in general gettings the basics and starting it is up to a 30 minutes to maximum 1h time.

After playing a bit to achieve the task to have my Linux distribution OS (Ubuntu Xenial) with Squid on installed on top of it with the right configuration of SQUID Cacher to serve as Open Proxy I've ended up with the following Dockerfile.

Apart from that I've used the following entrypoint.sh (which creates and sets necessery caching and logging directories and launches script on container set-up) permissions for SQUID proxy file that is loaded from the Dockerfile on docker image build time.
To have the right SQUID configuration shipped up into the newly built docker container, it is necessery to prepare a template configuration file – which is pretty much a standard squid.conf file with the following SQUID Proxy configuration for Open Proxy

The script uses the docker login command to authenticate non-interactively to https://hub.docker.com
docker build command with properly set DOCKER_ACC (docker account – which is the username of your hub.docker.com account as I've pointed earlier in article), then DOCKER_REPO (docker repository name) – you can get it either from a browser, after you've logged in to dockerhub or assuming you know your username, it should look like:
https://hub.docker.com/u/your-username-name – for example mine is hipod with repository name squid-ubuntu, my squid-ubuntu docker image build is here, you'll also need to provide the password inside the script or if you consider it a security concern, instead type manually from command line docker login and authenticate in advance before running the script, finally the last line docker push pushes to remote docker hub the new build of Ubuntu + SQUID Proxy with a predefined TAG that in my case is latest (as this is my latest build of Squid – if you need a multiple version number of Squid repository just change the tag to the version tag line number.

d) Use the script to build Squid docker image

Next run the script to make and push into docker your new image:

sh build-docker-image.sh

Please consider that in order to work with docker hub push / pull, you will need to have a firewall that allows connection to dockerhub site repo, if for some reason the push / pull fails, check closely your firewall as it is the most likely cause for failure.

3. Run the new docker image to test Squid runs as expected

To make sure the docker image runs properly, you can test it on any machine that has docker.io installed, this is done with a simple cmd:

docker run -d –restart=always -p 3128:3128 hipod/squid-ubuntu:latest

The -d option tells docker to background process /run in detached mode -p option tells docker to expose port (e.g. make NAT with iptables from the docker virtual container with Linux OS + SQUID listening inside the container on port 3128 to the TCP / IP 3128 server port).
You can use iptables to check the created Network Address Translation rules.

–restart=always option sets the docker restart policy (e.g. when the container is terminating it tells the container to restart the container (OS) after exit), there, you can use as a resetart policy (no, on-failure[:max_retries] , unless-stopped)

The task included to deploy two different Open Proxy squid servers on separate ports in order to add them external cluster Ingress load balancing via Amazon AWS, thus I actually used following 2 yaml files.

The service is externally exposed via later configured LoadBalancer to make the 2 squid servers deployed into k8s cluster accessible from the Internet by anyoneone without authorization (as a normal open proxies) via TCP/IP ports 33128 and 33129.

Conclusion

Though it all looks quite simplistic I should say creating the .yaml file took me long. Creating system configuration is not as simple as using the good old .conf files and getting used with the identation takes time.

Now once the LB are configured to play with k8s, you can enjoy the 2 proxy servers. If you need to do some similar task and you don't have to do it for a small fee, contact me.

Sometimes we have to administrate this operating systems such as FreeBSD / AIX / HP UX or even Mac OS server where by default due to historical reasons or for security bash shell is not avialable. That's not a common scenario but it happens so if as sysadmin we need to create for loops on ksh it is useful to know how to do that, as for loop cycles are one of the most important command line tools the sysadmin swiss army knife kind of.

So how to create a for loop (cycle) in ksh (Korn Shell)?

The most basic example for a KSH loop shell is below:

#!/bin/ksh
for i in 1 2 3 4 5
do
echo "Welcome $i times"
done

Add the content to any file lets say ksh_loop.ksh then make it executable as you do in bash shells

$ chmod +x ksh_loop.ksh
$ ksh ksh_loop.ksh

The overall syntax of the for loop ksh command is as follows:

for {Variable} in {lists}
do
echo ${Variable}
done

Hence to list lets say 20 iterations in a loop in ksh you can use something like:

#!/bin/ksh
for i in {1..20}
do
echo "Just a simple echo Command $i times";
# add whatever system commands you like here
done

Example for some useful example with KSH loop is to list a directory content so you can execute whatever command you need on each of the files or directories inside

#!/bin/ksh
for f in $(ls /tmp/*)
do
print "Iterating whatever command you like on /tmp dir : $f"
done

Other useful for loop iteration would be to print a file content line by line just like it is done in bash shell, you can do that with a small loop like belows:

I just tried to upgrade my Debian Wheezy 7 to the latest stable Debian Stretch 9 by not thinking too much and just changing the word wheezy with stretch in /etc/apt/sources.list so onwards on it looked like so:

were commented out because they were producing extra apt update errors …

And afterwards ran as usual:

apt-get update
apt-get –yes upgrade

The upgrade command executed fine and a lot of packages got downloaded and reinstalled without much issue, so I thought everything would be fine and just proceeded with the attempt to finalize the distribution major release 7 to major release 9 by running:

apt-get –yes dist-upgrade

But guess what now I got some dependency errors with cron and other installed packages that depend on package versions that are not going to be installed as the apt-get tool informed me.

I tried to out-smart the dpkg dependency system and removed all the packages reporting to have a missing dependencies with a short for bash loop after duming all the problematic packages showing dependency issues with commands such as:

Before proceeding further I had to manually edit few lines in a text editor to remove some of the junk left from apt-get too.

So i was brave and just removed the dependency missing packages with following other for loop:

for i in $(cat to_delete.txt); do dpkg -r –force-all $i; done

Now I was hoping that rerunning:

apt-get autoremove

dpkg --configure -a

apt-get update -f
apt-get dist-upgrade -f

would no longer complain and I would just install the removed packages in another for shell loop once every other packages gets installed.

But guess what I was wrong … the system entered into another bunch of depedency terribly issues and messed up so badly that there were at least 50 packages reporting to have a missing / broken or uninstallable deb version depedency …

I got totally Angry, I knew already from experience that just trying to jump over while skipping a major release e.g. upgrade Debian 7 to Debian 9, instead of first upgrading to Debian 8 Linux and then upgrading Debian 8 to Debian 9 have always produced the same mess but I was lame and stupid again to f**k it up and I was out of mind swearing (a truly bad habid I'm not proud of) …

So as the notebook with Linux so far was perfectly working with Debian 7 and had a tons of old installed software and I was in a state where if I restart the system it was very likely my Thinkpad r61 laptop won't boot at all, I googled around to find a solution unfortunately without any luck, so finally I used the good old and tested method to DO IT MYSELF and Find the Fix without Uncle Google's help and by God's grace I did, after experimenting a while with the aptitude package / install / remove update tool without much success, finally I find the solution to the totally messed up Debian package dependencies and it all came to a simply reverting back my /etc/apt/source.list to look like following:

After a while a Debian LinuxOS system downgrade was initated and the missing packages were found, downloaded from the correct wheezy repositories and all broken and missing dependencies packages were fixed !!! HOORAY IT WORKS AGAIN!!

However as I've been upgrading my sister's computer previously running Windows 7 to Windows 10 (the process of upgrading is really simple you just download Windows-Media-Creation-tool from Microsoft website and the rest comes to few clicks (Accept Windows 10 User Agreement, Create current install restore point (backup) etc.) and waiting some 30 minutes or so for the upgrade to complete.

Then it was up to downloading some other updates on a few times and restarting the computer, each time the upgrades were made and all the computer was ready. I've installed Avira (AntiVirus) as I usually do on new PCs and downloaded a bunch of anti-malware (MalwareBytes / Rfkill / Zemanta) to make sure that the old upgraded WIndows was not already infected before the upgrade and I've found a bunch of malware, that got quickly cleared up.

(here I have to say I've done that besides running in an Administrator command prompt (cmd.exe) and running

sfc /scannow

command to check base system files integrity, which luckily showed no problems with the Win base system files.

ReimagePlus however showed some failed services and some failed programs that were previously installed from Windows 7 before the upgrade and even it showed indication for Trojan present on computer but since ReImagePlus is a payed software and I didn't have the money to spend on it, I just proceeded to clean up what was found manually.

After that the computer ran fine, with the only strange thing that some data was from hard drive was red a bit too frequently, after a short call with a close friend (Nomen) – thx man, he suggested that the frequenty hdd usage might be related to Windows Search Indexing service database rebuilt and he adviced me to disable it which I did following this article How to speed up Windows by disabling Search Index Service.

One issue worthy to mention stumbled upon after the upgrade was problems with Windows Explorer which was frequently crashing and "restarting the Desktop", but once, I've enabled all upgrades from Microsoft and Applied them after some update failures and restarts, once all was up2date to all latest from Microsoft, Explorer started working normally.

As I wanted to run a MalwareBytes scan and Antivirus under Windows Safe-Mode, I tried entering it by restarting the Computer and pressing F8 a number of times before the Windows boot screen but this didn't work as Safe-Mode boot was changed in Windows 10 to be callable in another way because of some extra Windows Boot speed up optimizations, in short the easiest way I found to enter Windows 10 Safe Mode was to Hit Start Button -> Choose Restart PC and keep pressed SHIFT button simultaneously
that calls a menu that gives you some restore options, along with safe mode options for those who want to read more on How to Enter Safe mode (Command Prompt) on Windows 10 – please read this article.

Once the upgrade was over and all below done unfortunately I've realized her previously installed WIndows 7 is x86 (32 bit) version and the Acer notebook 5736Z where it is being installed is actually X64 (64 bit), hence I've decided to upgrade my dear sis computer to a 64 Bit Windows 10 and researched online whether, there is some tool that is capable to upgrade WIndows 10 from 32 bit to Windows 10 64 bit just to find out the only option is to either use some program to creaty a backup of files on the PC or to manually copy files to external hard drive and reinstall with a Windows 10 64 bit bootable USB Flash or CD / DVD image, so I took my USB flash and used again Windows Media Creation Tool to burn Windows and re-install with the 64 bit iso.

If you're wonder about why I choose to re-install finally Win 10 32 bit with Win 64 bit, because you might think performance difference might be not really so dramatic, then I have to say the Acer notebook is equipped with 4 Gigabytes of RAM Memory and Windows 10 32bit (Pro) could recognize a maximum of 3 Gigabytes (2.9 GB if I have to be precise) and 1 Gigabyte of memory stays totally unusued all the time with Winblows 10 32 bit.

I've tried my best actually to not loose time to fully upgrade Windows 7 (32 bit) -> Windows 10 (64 bit) but to make Windows 7 32 bit Windows to use more than the default Limitation of 3GB of memory by using this thirt party PAE Externsion Kernel Patch which is patching the Windows Kernel to extend the Windows support for PCs with up to 128 GB of memory however it turned out that this Patch file is not compatible with my Windows Kernel version once I followed readme instructions.

Well that's all folks, the rest I did was to just boot from the USB drive just burned and re-install WIndows and copy my files from User profile / Downloads / Pictures / Music etc. to the same locations on the new installed Windows 10 professional 64 bit and enjoy the better performance.

The term Bloatware (also called jokingly crapware) is term is the one that was coined to describe, the default pre-installed software that comes to you together with Windows pre-installed OS by the hardware manufacturer.
I'm sure anyone who bought brand new branded PC or laptop over the last 10 years have already suffered the unwanted and unnecessery
bunch of software that comes pre-installed freeware programs aiming to help you in your daily work but in reality just slowing down your PC
and showing annoying popups or at best keeping useless in Windows system apptray.

Many users may want to uninstall ASUS Crapware software such as ASUS Tutor, ASUS LifeFrame3, ASUS WebStorage and ASUSVibe.

Like Asus, HP computers often come preloaded with useless software from factory, example for this is HP Customer Service enhancements, HP Update, HP Total Care Setup and ProtectSmart.

If you buy Dell PC notebook soon you'll discover that there are several preloaded software (often unnecessery software) such as Dell Stage, Dell Digital Delivery and Dell DataSafe.

Toshiba computers and notebooks contain pre-loeaded "crapware" software from Toshiba.
Just to mention a few of those: Toshiba Disc Creator, Toshiba ReelTime, Service Station, Bulletin Board and Toshiba Assist.

Often there are fingerprint reader programs, Wi-Fi connection managers, Bluetooth managers, Audio Management sofware and other third party vendor software which tend to be not working as good as others softwares from third vendor, so Decrap is to help you to identify and remove these too in a easy GUI manner.

Non-experienced Computer users often leave the bloatware to hang around for even years and only if some relative that is an IT involved person / sysadmin / Even once you're aware that the Bloatware is on the system the ordinary user is hard to remove it as he is scared not to break the system.
Besides that fften this bloatware just soft comes so much integrated into Windows that removing it costs hours of tries and research online on
all the Bloatware components and even then could mislead you so you break the PC. programmer etc. comes home of such users finds out about the happily existing of the useless software on the notebook.

So here is DecrapMy Computer coming at place aiming to help to remove the unnecessery Hardware vendor software in few easy (Click, Click, Click Next ..) steps.

Then decrap does silently all the complex operations and suggestions to make the HP, Dell, Asus, Toshiba manufacturer prebundled software to be stopped and uninstalled.Decrap My Computer is a freeware, lightweight and easy to use and lets you safely remove crapware and bloatware, or any software, from any Windows PC.

Even for Old computers, Decrap comes handy for the unexperienced avarage user who used his laptop with this useless default vendors programs silently killing the performance respectively user experience for years.

Using Decrap is quite intuitive PC is scanned for Bloatware and then after a backup Windows Restore Point is offered you're offered to review and Uninstall the unwanted softwares. There is also an automatic mode but those one still could be a bit dangerous, so use the automatic mode only on multiple machines with the same model / brand notebooks that comes prebundled with same sofware after testing and confirming the automatic mode on 1 initial machine will not break up some needed functionality.

Getting CPU information, RAM info and other various hardware specifics on Windows from the GUI interface is pretty trivial from Computer -> Properties
even more specifics could be obtained using third party Windows software such as CPU-Z

Perhaps there are plenty of many other ones to get and log info about hardware on PC or notebook system, but for Windwos sysadmins especially ones who are too much in love with command prompt way of behaving and ones who needs to automatizate server deployment processes with BATCH (.BAT) scripts getting quickly info about hardware on freshly installed remote host Win serverwith no any additional hardware info tools, you'll be happy to know there are command line tools you can use to get extra hardware informationon Windows PC / server:

The most popular tool available to present you with some basic hardware info is of course systeminfo

Now though systeminfo's hardware details and installed Windows KBXXXXX OS Hotfix patches are getting lists the command does not provide you with info about system’s BIOS, thus to get this info you'll have to use also wmic (Windows Management Instrumentation Command).

So What Is WMIC?

WMIC extends WMI for operation from several command-line interfaces and through batch scripts. Before WMIC, you used WMI-based applications (such as SMS), the WMI Scripting API, or tools such as CIM Studio to manage WMI-enabled computers. Without a firm grasp on a programming language such as C++ or a scripting language such as VBScript and a basic understanding of the WMI namespace, do-it-yourself systems management with WMI was difficult. WMIC changes this situation by giving you a powerful, user-friendly interface to the WMI namespace.

WMIC is more intuitive than WMI, in large part because of aliases. Aliases take simple commands that you enter at the command line, then act upon the WMI namespace in a predefined way, such as constructing a complex WMI Query Language (WQL) command from a simple WMIC alias Get command. Thus, aliases act as friendly syntax intermediaries between you and the namespace. For example, when you run a simple WMIC command such as

Here is how to wmic to get PC Motherboard serial numbers, CPU and BIOS details:

C:\> wmic bios get name,serialnumber,version

Above will print name if your BIOS, current version and it’s serial number if there is any.

If you need to get more info about the specific Motherboard installed on host:

C:\> wmic csproduct get name,identifyingnumber,uuid

This command will show motherboard modification and it’s UUID

If you want to quickly get what is Windows running hardware CPU clock speed

C:\> wmic cpu get name,CurrentClockSpeed,MaxClockSpeed

Also if you have turbo boost CPUs above command will help you find what’s the Max Clock Speed your system is capable of for the current hardware configuration.

If you do have dynamic clock speed running, then add this line, will refresh and monitor the Clock speed every 1 second.

Though IBM AIX is basicly UNIX OS and many of the standard Linux commands are same or similar to AIX's if you happen to be a Linux sysadmin and you've been given some 100 AIX servers, you will have to invest some time to read on AIX, however as a starter you should be aware to at least be able to do performance tracking on system to prevent system overloads. If that's the case I advise you check thoroughfully below commands documentation.

To monitor the activity at all file system levels and write a verbose report to the fmon.out file, enter:

filemon -v -o fmon.out -O all

To display all information about the placement of a file on its physical volumes, enter:

fileplace -piv data1

To display a continuous disk report at two second intervals for the disk with the logical name disk1, enter the following command:

iostat -d disk1 2

To display extended drive report for all disks, enter the following command:

iostat -D

To list the characteristics of all paging spaces, enter:

lsps -a

List All Ports (both listening and non listening ports)

netstat -a | more

The netpmon command uses the trace facility to obtain a detailed picture of network activity during a time interval.

netpmon -o /tmp/netpmon.log -O all;

netpfmon is very much like AIX Linux equivalent of tcpdumpTo print all of the supported page size with an alphabetical suffix, enter:

pagesize -af

To display the i-nodes of the system dump saved in the dumpfile core file

pstat -i dumpfile

To report current tty activity for each 2 seconds for the next 40 seconds, enter the following command:

sar -y -r 2 20

To watch system unit for 10 minutes and sort data, enter the following command:

sar -o temp 60 10

To report processor activity for the first two processors, enter the following command:

sar -u -P 0,1

To display global statistics for virtual memory in a one line format every minute for 30 minutes, enter the following command:

svmon -G -O summary=longreal -i 60 30

The traceroute command is intended for use in network testing, measurement, and management.While the ping command confirms IP network reachability, you cannot pinpoint and improve some isolated problems

To display the count of various events, enter the following command:vmstat -sTo display the count of various events, enter the following command:

vmstat -s

To display time-stamp next to each column of output of vmstat, enter the following command:

vmstat -t

To display the I/O oriented view with an alternative set of columns, enter the following command:

vmstat -I

To display all the VMM statistics available, enter the following command:

vmstat -vs

If you already have some experience with some BSD (OpenBSD or FreeBSD) you will feel much more confortable with AIX as both operating system share common ancestor OS (UNIX System V), actually IBM AIX is U. System V with 4.3 BSD compatible extensions. As AIX was the first OS to introduce file system journalling, journalling capabilities on AIX are superb.AIXwas and is still widely used by IBM for their mainframes, on IBM RS/6000 series (in 1990s), nowdays it runs fine on PowerPC-based systems and IA-64 systems.
For GUI loving users which end up on AIX try out SMIT(System Management Interface tool for AIX). AIX was using bash shell in prior versions up to AIX 3 but in recent releases default shell is Korn Shell (ksh88).
Nowdays AIX just like HP-UX and rest of commercial UNICes are loosing ground as most of functionalities is provided by commercial Linux distributions like RHEL so most of clients including Banks and big business clients are migrating to Linux.

I
've been called urgently today by miss Jenia Pencheva who is the president of Christian Air Ticket Agency GoodFaithAir, her personal computer caused her quite a lot of headache, I've previously fixed it once and she was happy with that thus when she experienced problems she give me a call for remote IT support :).

She explahed her PC was unable to boot normally and in order to have some Windows she ended in Safe-Mode with Networkingstate. This problems caused her business losses as during PC in Safe mode the screen resolution even though with networking and she couldn't use the flight ticket ordering systems to purchase her customers new tickets. I've earlier installed TeamViewr on her PC so after Logging on the PC, I've immediately realized the Hard Disk was almost full (less than 1Giga free on C: Drive – where Windows install lived).

After a thorough investigation on which directory is occupying most of disk space (110GB) with a nice program called SpaceSniffer which is perfect for finding lost space on your hard disks, I've found System for ticket reservation Amadeus CRS (Computer Reservation System) was causing the disk full-full troubles.

Then I used Microsoft Windows embedded clean manager (cleanmgr.exe) to run disk clean up, however Desk Clean Up managed to clear up only about 1Giga and on the computer HDD which is 150Gb still on Windows installation drive C: only 1.5GB were free.
Besides that the system was having a second trouble as there were some failed updates (Computer was not shutdown properly but shutdown during Windows Update) and this was making the machine to enter Safe-Mode, I was fixing the system over TeamViewer session so after restart I had no way to see if Windows boots Normal or Safe-Mode after restart, thus to find out whether Windows was in Safe-Mode after another restart I've used below PowerShell one-liner script:

PS C:> gwmi win32_computersystem | select BootupState

BootupState
———–
Fail-safe with network boot

Note that possible return results from above command are:

Normal boot
Fail-safe boot
Fail-safe with network boot

I've been struggling for a while (had to restart it multiple times) until finally I managed to make it boot in normal mode. Because PC was failing to apply some Windows Update, thus dropping by in Safe-Mode each time. To solve that I had to go and Delete two of the last Applied updates (KB2979xxxx files).

Control Panel -> Program and Features -> View Installed Updates

I've restarted and since I couldn't see the screen on Windows boot-time, I don't know what really happened but the PC booted again in Safe-Mode, and I thought the classical way to fix PC booting in Safe-Mode with SFC command will help:

C:> sfc /scannow

but for my surprise this helped not as the system continuously booted in Safe-Mode, to fix the Windows PC always booting to Safe-Mode, I had to change it running msconfig and untickingSafe Mode field

C:> msconfig

Then I tried to delete Temporary Internet Files with below DEL cmd line

Note that in some cases running above commands might left you loose some sensitive data and in case where Internet is slow cleaning temporary files, might have impact on surfing also you will loose your history so be sure you know what you're doing as you might loose sensitive data.

Recently I had a task to delete number of set variables (listed parameters) from URL address on a Apache webserver serving as Reverse Proxy.
To make it more clear exact task was when customers call the URL https://companywebsite-url.com (all subdomains included) the following URL parameters should always be deleted by the reverse proxy:

– ebppMode
– ebppObjectKey
– ebppObjectType
– ebppSystem
– logSys

The paramets are part of SAP Biller Direct in a Portal (based on the famous SAP database)which is often deployed as a component of Internet Sales (ISA) / Supplier Relationship Management (SRM) / CRM, if a user is logged in with his Credentials (KID (Key ID) / Admin KID) into the system. The EBPP part of most variables stands for (Electronic Bill Presentment and Payment).

By passing above parameters to Website, modes of use, user accounts switched with which user is logged into the system system logs read and other stuff which can turn to be a severe security hole.
As most of Big Companies, does pass there web traffic via a "transparent" Reverse Proxy,it is a good security practice for SAP Biller Direct (including CRM systems( to wipe out this variables

Here is the mod_rewrite working rules that I used to achieve the delete variable from URL address task:

P.S. I've implemented above Rewrite rules into all Virtualhosts of Applications (in that case all living in the same httpd.conf on SuSE (SLES) 11 SP1 Enterprise Linux server).
To make changes affective, restarted HTTPD Webserver:

If you have to tune some weirdly behaviour Microsoft IIS (Internet Information Services) webserver, the first thing to do is to collect information about the system you're dealing with – get version of installed Windows and check what kind of IIS version is running on the Windows server?

To get the version of installed Windows on the system you just logged in, the quickest way I use is:

Start -> My Computer (right mouse button) Properties

Run regedit from cmd.exe and go and check value of registry value:

HKEY_LOCAL_MACHINE\SOFTWARE\MicrosoftInetStp\VersionString

As you can see in screenshot in this particular case it is IIS version 6.0.

An alternative way to check the IIS version in some cases (if IIS version return is not disabled) is to telnet to webserver:

telnet your-webserver 80

Once connected Send:

HEAD / HTTP/1.0

Also on some Windows versions it is possible to check IIS webserver version from Internet Information Services Management Cosnole: